X509 *newcert = NULL;
ENGINE *engine = NULL;
char mock_server[] = "mock server:1";
+ OSSL_CMP_CTX *srv_cmp_ctx = NULL;
int ret = 0; /* default: failure */
prog = opt_appname(argv[0]);
if ((srv_ctx = setup_srv_ctx(engine)) == NULL)
goto err;
+ srv_cmp_ctx = OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx);
OSSL_CMP_CTX_set_transfer_cb_arg(cmp_ctx, srv_ctx);
- if (!OSSL_CMP_CTX_set_log_cb(OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx),
- print_to_bio_out)) {
+ if (!OSSL_CMP_CTX_set_log_cb(srv_cmp_ctx, print_to_bio_out)) {
CMP_err1("cannot set up error reporting and logging for %s", prog);
goto err;
}
+ OSSL_CMP_CTX_set_log_verbosity(srv_cmp_ctx, opt_verbosity);
}
BIO *acbio;
BIO *cbio = NULL;
int msgs = 0;
+ int retry = 1;
if ((acbio = http_server_init_bio(prog, opt_port)) == NULL)
goto err;
ret = http_server_get_asn1_req(ASN1_ITEM_rptr(OSSL_CMP_MSG),
(ASN1_VALUE **)&req, &path,
&cbio, acbio, prog, 0, 0);
- if (ret == 0)
- continue;
- if (ret++ == -1)
- break; /* fatal error */
+ if (ret == 0) { /* no request yet */
+ if (retry) {
+ sleep(1);
+ retry = 0;
+ continue;
+ }
+ ret = 0;
+ goto next;
+ }
+ if (ret++ == -1) /* fatal error */
+ break;
ret = 0;
msgs++;
path);
OPENSSL_free(path);
OSSL_CMP_MSG_free(req);
- goto cont;
+ goto next;
}
OPENSSL_free(path);
resp = OSSL_CMP_CTX_server_perform(cmp_ctx, req);
OSSL_CMP_MSG_free(resp);
if (!ret)
break; /* treated as fatal error */
- } else {
- (void)http_server_send_status(cbio, 400, "Bad Request");
}
- cont:
+ next:
+ if (!ret) { /* on transmission error, cancel CMP transaction */
+ (void)OSSL_CMP_CTX_set1_transactionID(srv_cmp_ctx, NULL);
+ (void)OSSL_CMP_CTX_set1_senderNonce(srv_cmp_ctx, NULL);
+ }
BIO_free_all(cbio);
cbio = NULL;
}
# endif
#endif
+static int verbosity = LOG_INFO;
#ifdef HTTP_DAEMON
int multi = 0; /* run multiple responder processes */
int acfd = (int) INVALID_SOCKET;
{
va_list ap;
+ if (verbosity < level)
+ return;
+
va_start(ap, fmt);
#ifdef HTTP_DAEMON
if (multi) {
if (vsnprintf(buf, sizeof(buf), fmt, ap) > 0)
syslog(level, "%s", buf);
- if (level >= LOG_ERR)
+ if (level <= LOG_ERR)
ERR_print_errors_cb(print_syslog, &level);
} else
#endif
BIO_printf(bio_err, "%s: ", prog);
BIO_vprintf(bio_err, fmt, ap);
BIO_printf(bio_err, "\n");
+ (void)BIO_flush(bio_err);
}
va_end(ap);
}
char reqbuf[2048], inbuf[2048];
char *meth, *url, *end;
ASN1_VALUE *req;
- int ret = 1;
+ int ret = 0;
*preq = NULL;
if (ppath != NULL)
*ppath = NULL;
*pcbio = NULL;
- /* Connection loss before accept() is routine, ignore silently */
+ log_message(prog, LOG_DEBUG, "Awaiting next request...");
+/* Connection loss before accept() is routine, ignore silently */
if (BIO_do_accept(acbio) <= 0)
- return 0;
+ return ret;
- cbio = BIO_pop(acbio);
- *pcbio = cbio;
+ *pcbio = cbio = BIO_pop(acbio);
if (cbio == NULL) {
/* Cannot call http_server_send_status(cbio, ...) */
ret = -1;
/* Read the request line. */
len = BIO_gets(cbio, reqbuf, sizeof(reqbuf));
- if (len <= 0) {
- log_message(prog, LOG_INFO,
- "Request line read error or empty request");
+ if (len == 0)
+ return ret;
+ ret = 1;
+ if (len < 0) {
+ log_message(prog, LOG_WARNING, "Request line read error");
(void)http_server_send_status(cbio, 400, "Bad Request");
goto out;
}
+ if ((end = strchr(reqbuf, '\r')) != NULL
+ || (end = strchr(reqbuf, '\n')) != NULL)
+ *end = '\0';
+ log_message(prog, LOG_INFO, "Received request, 1st line: %s", reqbuf);
meth = reqbuf;
url = meth + 3;
while (*url == ' ')
url++;
if (*url != '/') {
- log_message(prog, LOG_INFO,
+ log_message(prog, LOG_WARNING,
"Invalid %s -- URL does not begin with '/': %s",
meth, url);
(void)http_server_send_status(cbio, 400, "Bad Request");
if (*end == ' ')
break;
if (strncmp(end, " HTTP/1.", 7) != 0) {
- log_message(prog, LOG_INFO,
+ log_message(prog, LOG_WARNING,
"Invalid %s -- bad HTTP/version string: %s",
meth, end + 1);
(void)http_server_send_status(cbio, 400, "Bad Request");
len = urldecode(url);
if (len < 0) {
- log_message(prog, LOG_INFO,
+ log_message(prog, LOG_WARNING,
"Invalid %s request -- bad URL encoding: %s",
meth, url);
(void)http_server_send_status(cbio, 400, "Bad Request");
getbio = BIO_push(b64, getbio);
}
} else {
- log_message(prog, LOG_INFO,
+ log_message(prog, LOG_WARNING,
"HTTP request does not start with GET/POST: %s", reqbuf);
/* TODO provide better diagnosis in case client tries TLS */
(void)http_server_send_status(cbio, 400, "Bad Request");
for (;;) {
len = BIO_gets(cbio, inbuf, sizeof(inbuf));
if (len <= 0) {
- log_message(prog, LOG_ERR,
+ log_message(prog, LOG_WARNING,
"Error skipping remaining HTTP headers");
(void)http_server_send_status(cbio, 400, "Bad Request");
goto out;
/* Try to read and parse request */
req = ASN1_item_d2i_bio(it, getbio != NULL ? getbio : cbio, NULL);
if (req == NULL) {
- log_message(prog, LOG_ERR, "Error parsing request");
+ log_message(prog, LOG_WARNING, "Error parsing DER-encoded request content");
+ (void)http_server_send_status(cbio, 400, "Bad Request");
} else if (ppath != NULL && (*ppath = OPENSSL_strdup(url)) == NULL) {
log_message(prog, LOG_ERR,
"Out of memory allocating %zu bytes", strlen(url) + 1);
projects / openssl.git / commitdiff